function tfooter()
{
$Temp = new Template();
$Temp->dir = 'pro';
$Temp->file = "footer.tpl";
$Temp->tp();
echo $Temp->html;
}
function search()
{
global $logged;
if (!isset($_POST['submit'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_find.tpl";
$Temp->tp(__LINE__, __FILE__);
return $Temp->html;
} else {
$t = $_POST['s'] == 2 ? 1 : 2;
$type = $_POST['s'] == 2 ? '`topics`' : '`replies`';
$type_ = $_POST['s'] == 2 ? '`title`' : '`post`';
$query = htmlspecialchars($_POST['query']);
$sql = mysql_query("SELECT * FROM " . $type . " WHERE " . $type_ . " LIKE '%" . $query . "%'");
if (empty($query) || $query == "") {
pageerror("Search Error", "Something was blank.", "Looks like you left the search field blank, please go back and try again.");
}
if (mysql_num_rows($sql) <= 0) {
pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
}
$content = "";
while ($row = mysql_fetch_array($sql)) {
switch ($t) {
case 1:
if (getFP($row['fid'], 1)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_msg.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TID' => $row['id'], 'TNAME' => $row['title'], 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format(getFirstPost($row['id']))), 'POSTER' => $row['username']));
$content .= $Temp->html;
}
break;
case 2:
if (getFP(topic_parent_($row['id']), 1)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_msg.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TID' => $row['tid'], 'TNAME' => topicName($row['title']), 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format($row['post'])), 'POSTER' => $row['username']));
$content .= $Temp->html;
}
break;
}
}
if (empty($content) || $content == "") {
pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
}
return $content;
}
}
function profile()
{
global $logged;
$id = intval(htmlspecialchars($_GET['profile;id']));
$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '" . $id . "' LIMIT 1;");
if (mysql_num_rows($sql) <= 0) {
pageerror("Profile Error", "Doesn't exists.", "Sorry, but it looks like this user wasn't created or was deleted.");
}
$information = mysql_fetch_array($sql);
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "profile.tpl";
$Temp->tp();
$Temp->tr(array('USERNAME' => $information['username'], 'POSTS' => $information['post'], 'GROUP' => getgroupname($information['level']), 'JOINED' => empty($information['joined']) ? 'unknown' : date("m-d-y", $information['joined']), 'AVY' => '', 'MSN' => empty($information['msn']) ? 'unknown' : $information['msn'], 'GTALK' => 'unknown', 'EMAIL' => 'unknown'));
echo $Temp->html;
}
function RUN_Newtopic()
{
global $logged, $permissions;
if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
} else {
pageerror("Topic Error", "", "Sorry, but there wasn't a forum id present.");
}
if (!getFP($id, 3)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions to post a new topic.");
}
if (check_forum_lock($id) and $permissions['admin'] != 't') {
pageerror("Forum Locked", "", "Sorry, you can't post a topic in here because this forum is locked");
} else {
$post = htmlspecialchars($_POST['post']);
$ttitle = htmlspecialchars($_POST['title']);
$tdesc = htmlspecialchars($_POST['tdesc']);
$time = time();
if (!isset($_POST['newtopic'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "newtopic.tpl";
$Temp->tp();
$Temp->tr(array('TOPIC_NAME' => 'New Topic', 'TITLE' => '', 'DESC' => '', 'POST' => '', '<<HIDE>>' => '', '<<HIDE_2>>' => ''));
echo $Temp->html;
} else {
if (!$logged['username']) {
pageerror("Topic Error", "There was an error creating topic", "You don't have permissions to post a new topic!");
}
if (empty($post)) {
pageerror("Topic Error", "There was an error creating topic", "Please check your post because you left the topic post blank!");
} elseif (empty($ttitle)) {
pageerror("Topic Error", "There was an error creating topic", "Please check your post because you left the topic title blank!");
} else {
update_post_count();
$newtopic = mysql_query("INSERT INTO `topics`(`fid`,`date`,`timestamp`,`title`,`username`,`description`) VALUES('" . $id . "','" . $time . "','" . $time . "','" . $ttitle . "','" . $logged['username'] . "','" . $tdesc . "')") or die(pageerror("Topic Error", "Something went wrong in SQL", "Sorry, but your topic couldn't be created please contact the administrator with this error"));
$nreply = mysql_query("SELECT `id` FROM `topics` ORDER BY `id` DESC LIMIT 1") or die("ERROR");
$nreply = mysql_fetch_array($nreply);
finished("Topic Created!", "New Topic was Created!", "Thank you now your topic was sucessfully created.", "index.php?act=topicshow&id=" . $nreply['id']);
$new_reply = mysql_query("INSERT INTO `replies` (`tid`,`post`,`username`,`date`) VALUES('" . $nreply['id'] . "','" . $post . "','" . $logged['username'] . "','" . $time . "')") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong adding new reply"));
}
}
}
}
function do_register_2($TOS)
{
global $logged;
if (!$logged['username']) {
if (!isset($_POST['register'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = 'register.tpl';
$Temp->tp();
$Temp->tr(array("TOS" => $TOS));
echo $Temp->html;
} else {
$captcha_value = $_POST['verify'];
$captcha = $_SESSION['captchastr'];
$email = htmlspecialchars($_POST['email']);
$email2 = htmlspecialchars($_POST['email2']);
$pass = htmlspecialchars($_POST['password']);
$pass2 = $_POST['password2'];
$username = htmlspecialchars($_POST['name']);
$user = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $username . "' ");
$user = mysql_num_rows($user);
$TOSz = $_POST['TOS'];
if ($user != 0) {
die(pageerror("Registration Error", "There was an error in registering!", "User name already exists please try a new name!"));
} elseif ($captcha_value != $captcha) {
die(pageerror("Registration Error", "There was an error in registering!", "Your verification characters were incorrect. Please go back and try again. If you can't see the characters, refresh else contact the administrator."));
} elseif (empty($username) || empty($pass) || empty($pass2) || empty($email) || empty($email2)) {
die(pageerror("Registration Error", "There was an error in registering!", "There was a input left empty please go back and try again!"));
} elseif (!isset($TOSz)) {
die(pageerror("Registration Error", "There was an error in registering!", "In order to register on this site you must agree to TOS!"));
}
$ip = $_SERVER["REMOTE_ADDR"];
$salt = substr(md5(uniqid(rand(), true)), 0, 5);
$hash = md5($salt . $pass);
$online = time();
$timezone = intval(htmlspecialchars($_POST['timezone']));
$new_user = mysql_query("INSERT INTO `users` (`username`,`password`,`email`,`ip`,`salt`,`online`,`timezone`) VALUES('" . $username . "','" . $hash . "','" . $email . "','" . $ip . "','" . $salt . "','" . $online . "','" . $timezone . "') ") or die(pageerror("Registration Error", "There was an error in registering!", "Something went wrong in the database please contact administrator!"));
$users = mysql_query("SELECT `id` FROM `users` ORDER BY `id` DESC LIMIT 1");
$users = mysql_fetch_array($users);
$_SESSION['uid'] = $users['id'];
$_SESSION['upass'] = htmlspecialchars($hash);
finished("Registered Sucessfully!", $username . " now Logged in!", "Thank you now you are now logged in and Registered!", "index.php");
}
} else {
finished("Register Error", "Error registering in.", "Sorry, but you are already logged in. Please logout before you can reregister.", "index.php");
}
}
function RUN_Wrappers()
{
global $logged;
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "boardstats.tpl";
$Temp->tp();
$Temp->tr(array("WRAPPER" => users_online()));
echo $Temp->html;
}
<?php $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "footer.tpl"; $Temp->tp(); echo $Temp->html;
function panel_email()
{
global $logged;
if (!isset($_POST['update'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "cpanel_email.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('E' => $logged['email']));
return $Temp->html;
} else {
if (empty($_POST['password'])) {
pageerror("Profile Error", "Something went wrong", "Looks like you left the password field blank please go back and fix it.");
}
if (empty($_POST['e1']) || empty($_POST['e2'])) {
pageerror("Profile Error", "Something went wrong", "In order to change your email, you must provide both new email fields with a new email to update email.");
}
if (md5($logged['salt'] . $_POST['password']) != $logged['password']) {
pageerror("Profile Error", "Something went wrong", "Sorry, but your password was incorrect, please fix this error.");
}
if ($_POST['e1'] != $_POST['e2']) {
pageerror("Profile Error", "Something went wrong", "Email fields didn't match please go back to make them match.");
}
$email = htmlspecialchars($_POST['e1']);
$sql = mysql_query("UPDATE `users` SET `email` = '" . $email . "' WHERE `username` = '" . $logged['username'] . "'");
if (!$sql) {
pageerror("Profile Error", "Something went wrong", "There was a problem updating sql: " . mysql_error());
}
return imessage("Profile Updated Sucessfully!", "", "Thank you, now your profile is updated!", "index.php?act=Cpanel&option=email", true);
}
}
function RUN_Forums()
{
global $logged;
if (is_numeric($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
//finish checking
} else {
pageerror("Forum Error", "", "Sorry, but there wasn't a forum id present.");
}
//Show Subforums here
$SubForums = mysql_query("SELECT * FROM `forums` WHERE `sid` = '" . $id . "'");
if (mysql_num_rows($SubForums) > 0) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "category_header.tpl";
$Temp->tp();
$Temp->tr(array("CAT_NAME" => "SubForums"));
echo $Temp->html;
while ($SubForum = mysql_fetch_array($SubForums)) {
//select the total replies for each forum
$total_replies = mysql_query("SELECT topics.id,replies.tid FROM `topics`,`replies` WHERE `fid` = '" . $SubForum['id'] . "' AND topics.id = replies.tid") or die(mysql_error());
$total_replies_ = mysql_num_rows($total_replies);
//select topic data from the database from these forums
$nlastpost = mysql_query("SELECT `id`,`title`,`username` FROM `topics` WHERE `fid` ='" . $SubForum['id'] . "' ORDER BY timestamp DESC") or die(mysql_error());
$nlastpost1 = mysql_fetch_array($nlastpost);
$topicid = $nlastpost1['id'];
$topicuser = $nlastpost1['username'];
$topicnumber = mysql_num_rows($nlastpost);
//get latest replies from current forum
$allreplies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topicid . "' ORDER BY `id` DESC ") or die(mysql_error());
$all_replies = mysql_fetch_array($allreplies);
if ($f['lastvisited'] == "") {
$no_new_post = $total_topics_f_2 != 0 ? "<img src='styles/default/New.png' alt='New' />" : "<img src='styles/default/No%20New.png' alt='No-New' />";
} else {
$lID = $logged['id'];
$last_vdata = unserialize($f['lastvisited']);
$no_new_post = $last_vdata[$lID] < $total_topics_f_2 ? "<img src='styles/default/New.png' alt='New' />" : "<img src='styles/default/No%20New.png' alt='No-New' />";
}
//check if there we're any replies
if (empty($nlastpost1['title'])) {
$IN = "No Topics Here.";
} else {
$IN = "<a href=\"index.php?act=topicshow&id=" . $nlastpost1['id'] . "\">" . $nlastpost1['title'] . "</a>";
}
if ($all_replies['username'] == "") {
$BY = $topicuser;
} else {
$BY = $all_replies['username'];
}
if (getFP($SubForum['id'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "idxforum.tpl";
$Temp->tp();
$Temp->tr(array('NEWPOST' => $no_new_post, 'FORUM_ID' => $SubForum['id'], 'FORUM_NAME' => $SubForum['title'], 'FORUM_DESC' => $SubForum['description'], 'TOPICS' => $topicnumber, 'REPLIES' => $total_replies_, 'LASTPOSTER' => $BY, 'TOPIC_LINK' => $IN, 'SUBFORUMS' => ''));
echo $Temp->html;
}
}
echo "</table><br /><br /><br />";
}
//End Subforums here.
//total replies pagination limit
$ppt = mysql_query("SELECT `topicsperforum` FROM `boardstatus` LIMIT 1;");
$p_p_t = mysql_fetch_array($ppt);
$total_limit = intval($p_p_t['topicsperforum']);
if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) {
$page = 1;
} else {
if (!is_numeric($_GET['p'])) {
pageerror("Page Error", "", "Didn't specify a correct page id.");
} else {
$page = intval(mysql_real_escape_string($_GET['p']));
}
}
$limit_start = $page * $total_limit - $total_limit;
//do topic stuff with pagination
$topics = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' AND `sticky` = '1' ORDER BY `timestamp` DESC LIMIT {$limit_start},{$total_limit}") or die(mysql_error());
$TTtopics = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' ");
$has_topics = mysql_num_rows($TTtopics);
$forum_title = mysql_query("SELECT `locked`,`title`,`lastvisited` FROM `forums` WHERE `id` = '" . $id . "' ") or die("Couldn't fetch forum info");
$forum = mysql_fetch_array($forum_title);
if (!getFP($id, 0)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this forum.");
}
topic_pagination($id, $total_limit, 0);
echo "<br /><br />";
if ($forum['locked'] == 't') {
echo "\n\t\t\t\t\t\t\t<img src='styles/" . $logged['dskin'] . "/Lockd.png' /><br />\n\t\t\t\t\t\t";
} else {
echo "\n\t\t\t\t\t\t\t<a href=\"index.php?act=newtopic&id=" . $id . "\"><img src=\"styles/" . $logged['dskin'] . "/New%20topic.png\" alt='New Topic' style='border:1px solid black;margin-bottom:1px;' /></a>\n\t\t\t\t\t\t";
}
if ($has_topics == 0) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_none.tpl";
$Temp->tp();
$Temp->tr(array('FORUM_NAME' => $forum['title']));
echo $Temp->html;
} else {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_header.tpl";
$Temp->tp();
$Temp->tr(array('FORUM_NAME' => $forum['title']));
echo $Temp->html;
//do a check to see if topics are stickied
$pinned_t = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' AND `sticky` = '0' ORDER BY `timestamp` DESC");
$totalpins = mysql_num_rows($pinned_t);
//show pinned topics
if ($totalpins != 0) {
echo '
<tr>
<td width="100%" class="small_title" colspan="4"><span>Pinned Topics</span></td>
</tr>
';
$totalrepliesever = 0;
while ($pinned = mysql_fetch_array($pinned_t)) {
$replizS = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $pinned['id'] . "' ");
$replizS = mysql_num_rows($replizS);
$lastS = mysql_query("SELECT `username`,`date` FROM `replies` WHERE tid='" . $topic_info['id'] . "' ORDER BY `id` DESC");
$lastpS = mysql_fetch_array($lastS);
($lastposterS = mysql_num_rows($lastS)) != 0 ? $ltpS = $lastpS['username'] and $ltpdS = date("m-d-y", $lastpS['date']) : ($ltpS = $pinned['username']) and $ltpdS = date("m-d-y", $pinned['timestamp']);
$totalrepliesever += $replizS;
//Output pinned topics
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_content.tpl";
$Temp->tp();
$Temp->tr(array('VIEWS' => $pinned['views'], 'REPLIES' => $replizS, 'TID' => $pinned['id'], 'TNAME' => $pinned['title'], 'AUTHOR' => $pinned['username'], 'UID' => getid($pinned['username']), 'DESC' => $pinned['description'], 'LASTP' => $ltpS, 'UID_2' => getid($ltpS), 'DATE' => $ltpdS));
echo $Temp->html;
}
if (mysql_num_rows($topics) > 0) {
echo '
<tr>
<td width="100%" class="small_title" colspan="4"><span>Normal Topics</span></td>
</tr>
';
}
}
while ($topic_info = mysql_fetch_array($topics)) {
$repliz = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topic_info['id'] . "' ");
$repliz = mysql_num_rows($repliz);
$totalrepliesever = $totalrepliesever + $repliz;
$last = mysql_query("SELECT `username`,`date` FROM `replies` WHERE `tid` = '" . $topic_info['id'] . "' ORDER BY `id` DESC");
$lastp = mysql_fetch_array($last);
($lastposter = mysql_num_rows($last)) != 0 ? $ltp = $lastp['username'] and $ltpd = date("m-d-y", $lastp['date']) : ($ltp = $topic_info['username']) and $ltpd = date("m-d-y", $topic_info['timestamp']);
//output normal topics
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_content.tpl";
$Temp->tp();
$Temp->tr(array('VIEWS' => $topic_info['views'], 'REPLIES' => $repliz, 'TID' => $topic_info['id'], 'TNAME' => $topic_info['title'], 'AUTHOR' => $topic_info['username'], 'UID' => getid($topic_info['username']), 'DESC' => $topic_info['description'], 'LASTP' => $ltp, 'UID_2' => getid($ltp), 'DATE' => $ltpd));
echo $Temp->html;
}
$lfvisit = $forum['lastvisited'];
$lID = $logged['id'];
if ($lfvisit == "") {
$user_lv = serialize(array($logged['id'] => $totalrepliesever));
$up_lfv = mysql_query("UPDATE `forums` SET `lastvisited` ='" . $user_lv . "' WHERE `id` = '" . $id . "' ") or die("error updating last visited");
} else {
$lfvi = unserialize($lfvisit);
if ($lfvi[$lID] < $totalrepliesever || $lfvi[$lID] == "") {
$lfvi[$lID] = $totalrepliesever;
$up_lfv = mysql_query("UPDATE `forums` SET `lastvisited` ='" . serialize($lfvi) . "' WHERE `id` = '" . $id . "' ") or die("error updating last visited");
}
}
echo '
</table>
';
}
}
function moderator()
{
//global vars
global $logged, $permissions;
//set up permissions id's and type id's
$id = intval(htmlspecialchars(trim(strip_tags($_GET['id']))));
$type = htmlspecialchars(trim(strip_tags($_GET['type'])));
$tid = intval(htmlspecialchars($_GET['tid']));
$posts = htmlspecialchars($_GET['post']);
//check what type and modes where in
switch ($type) {
case "edit":
switch ($posts) {
case "topic":
echo "TOPIC";
//gets topic data from database
$tdata_ = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' ");
$tdata = mysql_fetch_array($tdata_);
//if they don't have permission
if (($permissions['e_topic'] != 't' and $logged['username'] != $tdata['username']) || $permissions['admin'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error editing topic.", "You don't have permissions to edit this topic!");
}
if (!isset($_POST['newtopic'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "newtopic.tpl";
$Temp->tp();
$Temp->tr(array('TOPIC_NAME' => 'Edit Topic', 'TITLE' => $tdata['title'], 'DESC' => $tdata['description'], 'POST' => '', '<<HIDE>>' => '<!--', '<<HIDE_2>>' => '-->'));
echo $Temp->html;
} else {
if (empty($_POST['title'])) {
pageerror("Topic Error", "There was an error editing topic", "Please check your post because you left the topic post or topic title blank!");
} else {
$ttitle = htmlspecialchars($_POST['title']);
$description = htmlspecialchars($_POST['tdesc']);
$ndata = @mysql_query("UPDATE `topics` SET `description` = '" . $description . "', `title` = '" . $ttitle . "' WHERE `id` = '" . $id . "' ");
if (!$ndata) {
pageerror("Topic Error", "There was an error editing topic", "There was an error updating sql: " . mysql_error());
}
finished("Topic Updated!", "Current Topic was Updated!", "Thank you now your topic was sucessfully updated.", "index.php?act=topicshow&id=" . $id);
}
}
break;
case "reply":
//Selects reply data from db
$pdata_ = mysql_query("SELECT * FROM `replies` WHERE `id` = '" . $id . "' ");
$pdata = mysql_fetch_array($pdata_);
if ($permissions['e_post'] != 't' and $logged['username'] != $pdata['username'] or $permissions['admin'] != 't') {
logs("Invalid User", "1");
pageerror("Reply Error", "There was an error editing reply.", "You don't have permissions to edit this post!");
}
if (!isset($_POST['newreply'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "newreply.tpl";
$Temp->tp();
$Temp->tr(array('POST' => $pdata['post'], 'NAME' => "Edit Reply"));
echo $Temp->html;
} else {
$rpost = htmlspecialchars($_POST['post']);
if (empty($_POST['post'])) {
pageerror("Reply Error", "There was an error editing reply.", "You left the post field blank please go back and check again!");
} else {
$pdata = @mysql_query("UPDATE `replies` SET `post` = '" . $rpost . "' WHERE `id` = '" . $id . "' ");
if (!$pdata) {
pageerror("Reply Error", "There was an error editing reply.", "There was an sql error: " . mysql_error());
}
finished("Reply Updated!", "Current Post was Updated!", "Thank you now your reply was sucessfully updated.", "index.php?act=topicshow&id=" . $tid);
}
}
break;
}
break;
case "delete":
//Checks if user has permissiosn
if ($permissions['d_post'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error opening topic.", "You don't have permissions to open this topic!");
}
switch ($posts) {
case "reply":
if (!isset($_POST['submit'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "mode_delete.tpl";
$Temp->tp();
echo $Temp->html;
} else {
if (isset($_POST['del'])) {
if (mysql_query("DELETE FROM `replies` WHERE `id` = '" . $id . "'")) {
finished("Post deleted Successfully", "", "Your post was deleted successfully, please wait while your being redirected.", "index.php?act=topicshow&id=" . $tid);
} else {
pageerror("Deletion Error", "", "There was a problem deleting post, please contact the NevuxAB Support Tech.");
}
} else {
finished("Post Message", "", "No action was taken, please wait while your being redirected.", "index.php?act=topicshow&id=" . $tid);
}
}
break;
}
break;
case "opentopic":
if ($permissions['o_topic'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error opening topic.", "You don't have permissions to open this topic!");
}
$otopic = mysql_query("SELECT `closed` FROM `topics` WHERE `id` = '" . $tid . "' ");
$otopic = mysql_fetch_array($otopic);
if ($otopic['closed'] == 1) {
pageerror("Topic Error", "", "Topic is already Opened!");
} else {
$topic_update = mysql_query("UPDATE `topics` SET `closed` = '1' WHERE `id` = '" . $tid . "' ");
if (!$topic_update) {
pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error());
}
finished("Topic Updated!", "Current Topic was Pinned!", "Thank you now your topic was sucessfully opened.", "index.php?act=topicshow&id=" . $tid);
}
break;
case "closetopic":
if ($permissions['c_topic'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error closing topic.", "You don't have permissions to close this topic!");
}
$ctopic = mysql_query("SELECT `closed` FROM `topics` WHERE `id` = '" . $tid . "' ");
$ctopic = mysql_fetch_array($ctopic);
if ($ctopic['closed'] == 0) {
pageerror("Topic Error", "", "Topic is already closed!");
} else {
$topic_update = mysql_query("UPDATE `topics` SET `closed` = '0' WHERE `id` = '" . $tid . "' ");
if (!$topic_update) {
pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error());
}
finished("Topic Updated!", "Current Topic was Closed!", "Thank you now your topic was sucessfully Closed.", "index.php?act=topicshow&id=" . $tid);
}
break;
case "sticktopic":
if ($permissions['topic_pin'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error Pinning topic.", "You don't have permissions to Pin this topic!");
}
$stopic = mysql_query("SELECT `sticky` FROM `topics` WHERE `id` = '" . $tid . "' ");
$stopic = mysql_fetch_array($stopic);
if ($stopic['sticky'] == 0) {
pageerror("Topic Error", "", "Topic is already Pinned!");
} else {
$topic_update = mysql_query("UPDATE `topics` SET `sticky` = '0' WHERE `id` = '" . $tid . "' ");
if (!$topic_update) {
pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error());
}
finished("Topic Updated!", "Current Topic was Pinned!", "Thank you now your topic was sucessfully Pinned.", "index.php?act=topicshow&id=" . $tid);
}
break;
case "unsticktopic":
if ($permissions['topic_pin'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error Un-Pinning topic.", "You don't have permissions to Un-Pin this topic!");
}
$ustopic = mysql_query("SELECT `sticky` FROM `topics` WHERE `id` = '" . $tid . "' ");
$ustopic = mysql_fetch_array($ustopic);
if ($ustopic['sticky'] == 1) {
pageerror("Topic Error", "", "Topic is already Un-Pinned!");
} else {
$topic_update = mysql_query("UPDATE topics SET sticky = '1' WHERE `id` = '" . $tid . "' ");
if (!$topic_update) {
pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error());
}
finished("Topic Updated!", "Current Topic was Un-Pinned!", "Thank you now your topic was sucessfully Un-Pinned.", "index.php?act=topicshow&id={$tid}");
}
break;
case "move":
if ($permissions['m_topic'] != 't') {
logs("Invalid User", "1");
pageerror("Topic Error", "There was an error moving topic.", "You don't have permissions to move this topic!");
}
$nparent = htmlspecialchars($_POST['to']);
if (isset($_POST['update'])) {
$topic_update = mysql_query("UPDATE `topics` SET `fid` = '" . $nparent . "' WHERE `id` = '" . $id . "'");
if (!$topic_update) {
pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error());
}
finished("Topic Updated!", "Current Topic was Pinned!", "Thank you now your topic was moved sucessfully.", "index.php?act=topicshow&id=" . $id);
} else {
$gettopics = mysql_query("SELECT * FROM `forums` ORDER BY `id` ASC");
$values = "";
while ($showtopics = MySQL_Fetch_Array($gettopics)) {
$values .= "<option value='" . $showtopics['id'] . "'>" . $showtopics['title'] . "</option>";
}
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "mode_move.tpl";
$Temp->tp();
$Temp->tr(array('OPTIONS' => $values));
echo $Temp->html;
}
break;
}
}
function RUN_Topic()
{
global $logged, $permissions;
if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
} else {
pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present.");
}
if (!getFP(topic_parent_($id), 1)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this topic.");
}
//do some post stuff
//total replies pagination limit
$ppt = mysql_query("SELECT `postpertopic` FROM `boardstatus` LIMIT 1");
$p_p_t = mysql_fetch_array($ppt);
$total_limit = $p_p_t['postpertopic'];
topic_pagination($id, $total_limit);
$main = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' ");
$tmain = mysql_fetch_array($main);
$umain = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $tmain['username'] . "'");
$fuser = mysql_fetch_array($umain);
$isSticked = $tmain['sticky'] == 1 ? "<a href='mode.php?type=sticktopic&tid=" . $id . "'>Sticky</a>" : "<a href='mode.php?type=unsticktopic&tid=" . $id . "'>Un-Sticky</a>";
$isLocked = $tmain['closed'] == 1 ? "<a href='mode.php?type=closetopic&tid=" . $id . "'>Lock</a>" : "<a href='mode.php?type=opentopic&tid=" . $id . "'>Un-Lock</a>";
//check if user has permissions
if ($permissions['admin'] == 't' || $permissions['e_topic'] == 't') {
$modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a> | <a href='mode.php?type=move&post=topic&id=" . $id . "'>Move Topic</a> | " . $isSticked . " | " . $isLocked;
} elseif ($logged['username'] == $tmain['username'] && $permissions['e_topic'] == 't') {
$modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a>";
} else {
$modet = "";
}
echo "<br />" . run_buttons($id);
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "topic_title.tpl";
$Temp->tp();
$Temp->tr(array('TITLE' => $tmain['title']));
echo $Temp->html;
//if($_GET['p'] == 1 || !isset($_GET['p']) )
// {
echo '
<tr>
<td colspan="2" class="small_title"><span style="float:left;"><b>Posted On:</b> ' . timezone_stamp($tmain['timestamp'], $logged['timezone']) . '</span><span style="float:right" class="small_title_link">' . $modet . '</span></td>
</tr>
';
//}
if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) {
$page = 1;
} else {
if (!is_numeric($_GET['p'])) {
pageerror("Page Error", "", "Didn't specify a correct page id.");
} else {
$page = intval(mysql_real_escape_string($_GET['p']));
}
}
$limit_start = $page * $total_limit - $total_limit;
//get replies
$replies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $id . "' ORDER BY `id` LIMIT {$limit_start},{$total_limit}") or die(mysql_error(__FILE__, __LINE__));
$has_replys = mysql_num_rows($replies);
if ($has_replys != 0) {
//check to see if there are any replies :D
while ($replys = mysql_fetch_array($replies)) {
//check if user has permissions
if ($permissions['admin'] == 't' || $permissions['d_post'] == 't') {
$modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a> | <a href='mode.php?type=delete&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Delete</a>";
} elseif ($logged['username'] == $replys['username']) {
$modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a>";
} else {
$modep = "";
}
$usez = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $replys['username'] . "'");
$useri = mysql_fetch_array($usez);
//show replies
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "topic_post.tpl";
$Temp->tp();
$Temp->tr(array('OPTIONS' => $modep, 'POSTER' => $replys['username'], 'AVY' => !empty($useri['avatar']) ? '<img width="100" height="100" src="' . $useri['avatar'] . '" alt="" /><br />' : '', 'DATE' => timezone_stamp($replys['date'], $logged['timezone']), 'GROUP' => group($useri['level']), 'UID' => $useri['id'], 'UPOST' => $useri['post'], 'POST' => nl2br(bbcode_format($replys['post'])) . "<br />__________________<br />" . ($useri['signature'] == '' ? ' ' : nl2br(bbcode_format($useri['signature'])))));
echo $Temp->html;
}
} else {
echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='100%' class='rows' align='center'><em>There isn't any posts in this topic</em></td>\n\t\t\t\t\t</tr>\n\t\t\t\t";
}
echo ' </table> ' . run_buttons($id) . '<br />';
topic_pagination($id, $total_limit);
add_views($id);
}
function imessage($a = "Unknown Clause", $b = "", $c = "Unknown Clause Occured.", $extra = false, $return = false)
{
global $logged;
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = 'message.tpl';
$Temp->tp();
$Temp->tr(array("TITLE" => $a, "STITLE" => $b, "BODY" => $c));
if ($return == true) {
if ($extra != false) {
return $Temp->to() . '<meta http-equiv="refresh" content="3;url=' . $extra . '">';
} else {
return $Temp->to();
}
} else {
$Temp->_print();
}
}
<?php
/*
****************************************************************
#sources/header.php File
#Version 1.4
****************************************************************
#Copy Righted 2006-2007(http://nevuxbulletin.com) [nevuxab.info]
#Created By NevuxAB Developement Team
****************************************************************
*/
if (!defined("NABPROOF")) {
die("Hacking attempt");
}
$bname = mysql_query("SELECT `boardname` FROM `boardstatus` WHERE `id` = '1' ") or die(mysql_error());
$boardname = mysql_fetch_array($bname);
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "header.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TITLE' => '<title>' . $boardname['boardname'] . ' - (Powered By Nevux Ability Boards)</title> ', 'SKIN' => $logged['dskin'], 'PERMISSIONS' => $NAV));
echo $Temp->html;
?>
